(RADIATOR) Forwarding DNSs
Rafael Felix Correa
felix at ifx.com.br
Fri Sep 3 17:08:35 CDT 2004
Hugh, there is the trace 4 log of an authentication test.
*** Received from 200.255.255.41 port 60365 ....
Code: Access-Request
Identifier: 197
Authentic:
<167><129><22>x<176><130><17><21><230><9><200><192><190><18><3>^
Attributes:
User-Name = "teste at ifxbrasil.com.br"
User-Password =
"<3>Ef<183>K<251><190><146>;<237><184>ih<230>?<142>"
NAS-IP-Address = 200.255.142.5
NAS-Identifier = "nasrjo05.rjo.embratel.net.br"
NAS-Port = 227
NAS-Port-Type = Async
Service-Type = Framed-User
Framed-Protocol = PPP
Calling-Station-Id = "1151030605"
Called-Station-Id = "40040330"
Acct-Session-Id = "306981982"
Ascend-Data-Rate = 28800
Ascend-Data-Rate = 49333
Fri Sep 3 19:00:31 2004: DEBUG: Check if Handler Called-Station-Id =
40040330 should be used to handle this request
Fri Sep 3 19:00:31 2004: DEBUG: Handling request with Handler
'Called-Station-Id = 40040330'
Fri Sep 3 19:00:31 2004: DEBUG: Deleting session for
teste at ifxbrasil.com.br, 200.255.142.5, 227
Fri Sep 3 19:00:31 2004: DEBUG: Handling with Radius::AuthFILE
Fri Sep 3 19:00:31 2004: DEBUG: Radius::AuthFILE looks for match with
teste at ifxbrasil.com.br
Fri Sep 3 19:00:31 2004: DEBUG: Radius::AuthFILE looks for match with
DEFAULT
Fri Sep 3 19:00:31 2004: DEBUG: Radius::AuthFILE ACCEPT: Accept
explicitly by Auth-Type=Accept
Fri Sep 3 19:00:31 2004: DEBUG: Access accepted for
teste at ifxbrasil.com.br
Fri Sep 3 19:00:31 2004: DEBUG: Packet dump:
*** Sending to 200.255.255.41 port 60365 ....
Code: Access-Accept
Identifier: 197
Authentic:
<167><129><22>x<176><130><17><21><230><9><200><192><190><18><3>^
Attributes:
Ascend-Client-Primary-DNS = 200.201.133.98
Ascend-Client-Secondary-DNS = 200.201.133.99
Ascend-Client-Assign-DNS = DNS-Assign-Yes
Fri Sep 3 19:00:33 2004: ERR: Attribute number 55 (vendor ) is not
defined in your dictionary
Fri Sep 3 19:00:33 2004: ERR: Attribute number 86 (vendor 529) is not
defined in your dictionary
Fri Sep 3 19:00:33 2004: ERR: Attribute number 13 (vendor 529) is not
defined in your dictionary
Fri Sep 3 19:00:33 2004: ERR: Attribute number 28 (vendor 529) is not
defined in your dictionary
Fri Sep 3 19:00:33 2004: DEBUG: Packet dump:
*** Received from 200.255.255.41 port 60365 ....
Code: Accounting-Request
Identifier: 160
Authentic: <219>,j<214><214>1<29>|]<12><27><228><216><9>3<183>
Attributes:
User-Name = "teste at ifxbrasil.com.br"
NAS-IP-Address = 200.255.142.5
NAS-Identifier = "nasrjo05.rjo.embratel.net.br"
NAS-Port = 227
NAS-Port-Type = Async
Service-Type = Framed-User
Class = "01"
Acct-Status-Type = Start
Acct-Delay-Time = 0
Acct-Session-Id = "306981982"
Acct-Authentic = RADIUS
Ascend-Modem-PortNo = 40
Ascend-Modem-SlotNo = 8
Ascend-Modem-ShelfNo = 1
Calling-Station-Id = "1151030605"
Called-Station-Id = "40040330"
Framed-Protocol = PPP
Framed-IP-Address = 200.214.87.210
Fri Sep 3 19:00:33 2004: DEBUG: Check if Handler Called-Station-Id =
40040330 should be used to handle this request
Fri Sep 3 19:00:33 2004: DEBUG: Handling request with Handler
'Called-Station-Id = 40040330'
Fri Sep 3 19:00:33 2004: DEBUG: Adding session for
teste at ifxbrasil.com.br, 200.255.142.5, 227
Fri Sep 3 19:00:33 2004: DEBUG: Handling with Radius::AuthFILE
Fri Sep 3 19:00:33 2004: DEBUG: Accounting accepted
On Qua, 2004-09-01 at 19:58, Hugh Irvine wrote:
>
> Hello Felix -
>
> Thanks for the trace, but I need it to show the packet processing to be
> able to see what attributes are added to the reply.
>
> regards
>
> Hugh
>
>
> On 2 Sep 2004, at 05:40, Rafael Felix Correa wrote:
>
> > Hugh,
> >
> > The log with trace 4 remains the same:
> >
> > Wed Sep 1 16:25:36 2004: NOTICE: SIGTERM received: stopping
> > Wed Sep 1 16:25:39 2004: DEBUG: Reading users file
> > /usr/local/radiator/raddb/../users.accept
> > Wed Sep 1 16:25:39 2004: DEBUG: Reading users file
> > tutopia.com.br.defaults
> > Wed Sep 1 16:25:39 2004: DEBUG: Reading users file
> > tutopia.com.br.defaults
> > Wed Sep 1 16:25:39 2004: INFO: Server started: Radiator 2.16.3 on
> > jaguar
> > Wed Sep 1 16:30:28 2004: NOTICE: SIGTERM received: stopping
> > Wed Sep 1 16:30:31 2004: DEBUG: Reading users file
> > /usr/local/radiator/users.accept
> > Wed Sep 1 16:30:31 2004: DEBUG: Reading users file
> > tutopia.com.br.defaults
> > Wed Sep 1 16:30:31 2004: DEBUG: Reading users file
> > tutopia.com.br.defaults
> > Wed Sep 1 16:30:31 2004: INFO: Server started: Radiator 2.16.3 on
> > jaguar
> >
> >
> >
> > On Qua, 2004-09-01 at 05:46, Hugh Irvine wrote:
> >>
> >> Hello Felix -
> >>
> >> I will need to see a copy of the configuration file, the users.accept
> >> file and a more complete trace 4 debug showing what is happening.
> >>
> >> regards
> >>
> >> Hugh
> >>
> >>
> >> On 1 Sep 2004, at 09:42, Rafael Felix Correa wrote:
> >>
> >>> Hello Hugh,
> >>>
> >>> This time i didn't receive any error messages (with trace 5), but it
> >>> still doesn't forward dns info to the clients.
> >>> What could else be causing this?
> >>>
> >>> Log:
> >>>
> >>> Tue Aug 31 13:46:45 2004: NOTICE: SIGTERM received: stopping
> >>> Tue Aug 31 13:46:47 2004: DEBUG: Reading users file
> >>> /usr/local/radiator/raddb/../users.accept
> >>> Tue Aug 31 13:46:47 2004: DEBUG: Reading users file
> >>> tutopia.com.br.defaults
> >>> Tue Aug 31 13:46:47 2004: DEBUG: Reading users file
> >>> tutopia.com.br.defaults
> >>> Tue Aug 31 13:46:48 2004: INFO: Server started: Radiator 2.16.3 on
> >>> jaguar
> >>>
> >>>
> >>> On Seg, 2004-08-30 at 22:13, Hugh Irvine wrote:
> >>>>
> >>>> Hello Felix -
> >>>>
> >>>> Instead of using an AuthBy TEST you should try using an AuthBy FILE:
> >>>>
> >>>> <AuthBy FILE>
> >>>> Filename %D/users.accept
> >>>> </AuthBy>
> >>>>
> >>>> the file users.accept would look like this:
> >>>>
> >>>> DEFAULT Auth-Type = Accept
> >>>> Ascend-Client-Primary-DNS = 200.201.133.98,
> >>>> Ascend-Client-Secondary-DNS = 200.201.133.99
> >>>>
> >>>> You should also seriously consider upgrading.
> >>>>
> >>>> regards
> >>>>
> >>>> Hugh
> >>>>
> >>>>
> >>>> On 31 Aug 2004, at 03:27, Rafael Felix Correa wrote:
> >>>>
> >>>>> Hugh,
> >>>>>
> >>>>> There is the log with trace 5 enabled.I'll send the conf. file
> >>>>> later
> >>>>>
> >>>>>
> >>>>> Fri Aug 27 20:15:43 2004: INFO: Server started: Radiator 2.16.3 on
> >>>>> jaguar
> >>>>> ^[[17~^[[18~^[[15~^[OS^[ORMon Aug 30 14:05:59 2004: NOTICE: SIGTERM
> >>>>> received: stopping
> >>>>> Mon Aug 30 14:05:59 2004: DEBUG: AuthTEST DESTROY ed
> >>>>> Mon Aug 30 14:06:02 2004: DEBUG: Reading users file
> >>>>> tutopia.com.br.defaults
> >>>>> Mon Aug 30 14:06:02 2004: DEBUG: Reading users file
> >>>>> tutopia.com.br.defaults
> >>>>> Mon Aug 30 14:06:02 2004: DEBUG: AuthTEST loaded
> >>>>> Mon Aug 30 14:06:02 2004: DEBUG: AuthTEST keyword(AddToReply,
> >>>>> Ascend-Client-Primary-DNS = 200.201.133.98,
> >>>>> Ascend-Client-Secondary-DNS
> >>>>> = 200.201.133.99) called for /usr/local/radiator/radiator2.cfg line
> >>>>> 404
> >>>>> Mon Aug 30 14:06:02 2004: DEBUG: New Radius::AuthTEST constructed
> >>>>> Mon Aug 30 14:06:02 2004: DEBUG: AuthTEST DESTROY ed
> >>>>> Mon Aug 30 14:06:02 2004: INFO: Server started: Radiator 2.16.3 on
> >>>>> jaguar
> >>>>>
> >>>>>
> >>>>> On Sáb, 2004-08-28 at 05:23, Hugh Irvine wrote:
> >>>>>>
> >>>>>> Hello Felix -
> >>>>>>
> >>>>>> Have you restarted Radiator after changing the configuration file?
> >>>>>>
> >>>>>> If so please send me a trace 4 debug together with the complete
> >>>>>> configuration file (no secrets) showing what is happening.
> >>>>>>
> >>>>>> Please include the Radiator startup messages.
> >>>>>>
> >>>>>> regards
> >>>>>>
> >>>>>> Hugh
> >>>>>>
> >>>>>>
> >>>>>> On 28 Aug 2004, at 10:02, Rafael Felix Correa wrote:
> >>>>>>
> >>>>>>> Is there another way to forward DNS info? Because i tried putting
> >>>>>>> the
> >>>>>>> AddToReply inside AuthBy clause and it didn't work either.
> >>>>>>>
> >>>>>>> I really need to get this working...
> >>>>>>>
> >>>>>>> On Sex, 2004-08-27 at 19:59, Hugh Irvine wrote:
> >>>>>>>>
> >>>>>>>> Hello Felix -
> >>>>>>>>
> >>>>>>>> You should put the AddToReply inside the AuthBy clause:
> >>>>>>>>
> >>>>>>>>
> >>>>>>>> <Handler Called-Station-Id = 40040330>
> >>>>>>>> <AuthBy TEST>
> >>>>>>>> AddToReply \
> >>>>>>>> Ascend-Client-Primary-DNS = 200.201.133.98, \
> >>>>>>>> Ascend-Client-Secondary-DNS = 200.201.133.99
> >>>>>>>> </AuthBy>
> >>>>>>>> </Handler>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>> BTW - the most recent version is Radiator 3.9.
> >>>>>>>>
> >>>>>>>> regards
> >>>>>>>>
> >>>>>>>> Hugh
> >>>>>>>>
> >>>>>>>>
> >>>>>>>> On 28 Aug 2004, at 07:20, Rafael Felix Correa wrote:
> >>>>>>>>
> >>>>>>>>> Hi everyone,
> >>>>>>>>>
> >>>>>>>>> I need to forward primary and secondary DNS to our customers
> >>>>>>>>> who
> >>>>>>>>> connects on specific phone numbers.
> >>>>>>>>>
> >>>>>>>>> All NASes are Lucent Max-TNT.
> >>>>>>>>>
> >>>>>>>>> First i tried this:
> >>>>>>>>>
> >>>>>>>>> <Handler Called-Station-Id = 40040330>
> >>>>>>>>> <AuthBy TEST>
> >>>>>>>>> </AuthBy>
> >>>>>>>>>
> >>>>>>>>> AddToReply \
> >>>>>>>>> Ascend-Client-Primary-DNS = 200.201.133.98, \
> >>>>>>>>> Ascend-Client-Secondary-DNS = 200.201.133.99
> >>>>>>>>> </Handler>
> >>>>>>>>>
> >>>>>>>>> It should work in normal conditions, but my version of Radiator
> >>>>>>>>> is
> >>>>>>>>> 2.16.3. And the log shows that Radiator doesn't understand
> >>>>>>>>> AddToReply
> >>>>>>>>> instruction (probably because of this version).
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>> Anyway, i can't stop radiator for an update because it's too
> >>>>>>>>> critical
> >>>>>>>>> for us. Is there anyway to forward DNS info through Radiator
> >>>>>>>>> 2.16.3?
> >>>>>>>>>
> >>>>>>>>> Thanks
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>> --
> >>>>>>>>> Rafael Felix Correa
> >>>>>>>>>
> >>>>>>>>> --
> >>>>>>>>> Archive at http://www.open.com.au/archives/radiator/
> >>>>>>>>> Announcements on radiator-announce at open.com.au
> >>>>>>>>> To unsubscribe, email 'majordomo at open.com.au' with
> >>>>>>>>> 'unsubscribe radiator' in the body of the message.
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>
> >>>>>>>> NB: have you included a copy of your configuration file (no
> >>>>>>>> secrets),
> >>>>>>>> together with a trace 4 debug showing what is happening?
> >>>>>>>>
> >>>>>>>> --
> >>>>>>>> Radiator: the most portable, flexible and configurable RADIUS
> >>>>>>>> server
> >>>>>>>> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
> >>>>>>>> -
> >>>>>>>> Nets: internetwork inventory and management - graphical,
> >>>>>>>> extensible,
> >>>>>>>> flexible with hardware, software, platform and database
> >>>>>>>> independence.
> >>>>>>>> -
> >>>>>>>> CATool: Private Certificate Authority for Unix and Unix-like
> >>>>>>>> systems.
> >>>>>>>>
> >>>>>>>> --
> >>>>>>>> Archive at http://www.open.com.au/archives/radiator/
> >>>>>>>> Announcements on radiator-announce at open.com.au
> >>>>>>>> To unsubscribe, email 'majordomo at open.com.au' with
> >>>>>>>> 'unsubscribe radiator' in the body of the message.
> >>>>>>>>
> >>>>>>> --
> >>>>>>> Rafael Felix Correa
> >>>>>>> Administrador de Sistemas - IFX Networks
> >>>>>>>
> >>>>>>>
> >>>>>>
> >>>>>> NB: have you included a copy of your configuration file (no
> >>>>>> secrets),
> >>>>>> together with a trace 4 debug showing what is happening?
> >>>>>>
> >>>>>> --
> >>>>>> Radiator: the most portable, flexible and configurable RADIUS
> >>>>>> server
> >>>>>> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
> >>>>>> -
> >>>>>> Nets: internetwork inventory and management - graphical,
> >>>>>> extensible,
> >>>>>> flexible with hardware, software, platform and database
> >>>>>> independence.
> >>>>>> -
> >>>>>> CATool: Private Certificate Authority for Unix and Unix-like
> >>>>>> systems.
> >>>>>>
> >>>>>> --
> >>>>>> Archive at http://www.open.com.au/archives/radiator/
> >>>>>> Announcements on radiator-announce at open.com.au
> >>>>>> To unsubscribe, email 'majordomo at open.com.au' with
> >>>>>> 'unsubscribe radiator' in the body of the message.
> >>>>>>
> >>>>> --
> >>>>> Rafael Felix Correa
> >>>>> Administrador de Sistemas - IFX Networks
> >>>>>
> >>>>> --
> >>>>> Archive at http://www.open.com.au/archives/radiator/
> >>>>> Announcements on radiator-announce at open.com.au
> >>>>> To unsubscribe, email 'majordomo at open.com.au' with
> >>>>> 'unsubscribe radiator' in the body of the message.
> >>>>>
> >>>>>
> >>>>
> >>>> NB: have you included a copy of your configuration file (no
> >>>> secrets),
> >>>> together with a trace 4 debug showing what is happening?
> >>>>
> >>>> --
> >>>> Radiator: the most portable, flexible and configurable RADIUS server
> >>>> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
> >>>> -
> >>>> Nets: internetwork inventory and management - graphical, extensible,
> >>>> flexible with hardware, software, platform and database
> >>>> independence.
> >>>> -
> >>>> CATool: Private Certificate Authority for Unix and Unix-like
> >>>> systems.
> >>>>
> >>>> --
> >>>> Archive at http://www.open.com.au/archives/radiator/
> >>>> Announcements on radiator-announce at open.com.au
> >>>> To unsubscribe, email 'majordomo at open.com.au' with
> >>>> 'unsubscribe radiator' in the body of the message.
> >>>>
> >>> --
> >>> Rafael Felix Correa
> >>> Administrador de Sistemas - IFX Networks
> >>>
> >>>
> >>
> >> NB: have you included a copy of your configuration file (no secrets),
> >> together with a trace 4 debug showing what is happening?
> >>
> >> --
> >> Radiator: the most portable, flexible and configurable RADIUS server
> >> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
> >> -
> >> Nets: internetwork inventory and management - graphical, extensible,
> >> flexible with hardware, software, platform and database independence.
> >> -
> >> CATool: Private Certificate Authority for Unix and Unix-like systems.
> >>
> >> --
> >> Archive at http://www.open.com.au/archives/radiator/
> >> Announcements on radiator-announce at open.com.au
> >> To unsubscribe, email 'majordomo at open.com.au' with
> >> 'unsubscribe radiator' in the body of the message.
> >>
> > --
> > Rafael Felix Correa
> > Administrador de Sistemas - IFX Networks
> >
> > --
> > Archive at http://www.open.com.au/archives/radiator/
> > Announcements on radiator-announce at open.com.au
> > To unsubscribe, email 'majordomo at open.com.au' with
> > 'unsubscribe radiator' in the body of the message.
> >
> >
>
> NB: have you included a copy of your configuration file (no secrets),
> together with a trace 4 debug showing what is happening?
>
> --
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
> -
> Nets: internetwork inventory and management - graphical, extensible,
> flexible with hardware, software, platform and database independence.
> -
> CATool: Private Certificate Authority for Unix and Unix-like systems.
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
--
Rafael Felix Correa
Administrador de Sistemas - IFX Networks
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list